Log InJoin Now Español

Education & Resources

Security and Privacy

Click here to view the Privacy Notice.

Security and Privacy Policy

Personal Information and Security

SMCU values the trust you put in us as your financial institution, and we take the responsibility of safeguarding your personal information very seriously. This Statement describes some of the steps we take to protect the personal and financial data you have entrusted to us.  

Website

When you visit our website at www.smcu.com, we collect only the private information that you choose to give us (such as providing feedback or completing a form). We may use “cookies” on some pages of our website for the purpose of serving you better when you return to our site. A cookie is a small text file placed on your hard drive by our host’s web page server. These cookies do not collect any personal identification information. We use data collected from cookies for administrative purposes, e.g., to help us improve our site design and content. Cookies may also be used to track how you use the site to target ads to you on other websites.

Children's Online Privacy

We do not knowingly collect or use personal information from children under 13 on our website or anywhere else.

Online Banking

When you bank online with us, you voluntarily provide personal identifying information i.e., your account number and password. This information, which may be enhanced from time to time, enables SMCU and the companies we work with to provide you secure access to your accounts. Secure Socket Layer (SSL) technology (128-bit) and multi-factor identification are used to protect your personal information. During a log-in session, cookies are used for security purposes, but your account and/or personal information is not stored within the cookie.

Online Application/Forms and Handling of Email 

When you choose to submit an online form and/or application, or enter a contest or participate in a survey, SMCU may ask that you provide information about yourself. Online applications and forms on which you provide non-public personal information are forwarded to us on secure phone/data lines. We collect and store this information in order to respond to you and maintain a record of that response.

If you send an email directly to an SMCU email address via the Internet, or if we offer you the option of sending an Internet email through our Web site, we collect and store any personal information you submit in order to respond to you and maintain a record of that response. Internet email is not secure, and normally should not be used for inquiries of a sensitive and confidential nature. Since an Internet email response back to you is not secure, we will do our best to not include confidential account information when addressing your concerns in an email response.

Linked Sites

You will find “co-branded” sites on our Web site pages (www.smcu.com). Co-branded sites are those where you will see the SMCU name and logo as well as the name and logo of the service provider. SMCU is not responsible for any information that your provide or that may be gathered at a linked site, or for the content or Privacy Policy of any such site. That said, however, we do make every reasonable effort to ensure that these sites have privacy practices that are similar to ours. We encourage you to read the Privacy and Security Statements of each site before providing personal information to the service provider. Our Web site also includes links to various other sites for the purpose of providing informational and/or community resources. SMCU is not responsible for the privacy or security practices or the content of these other sites, and, where applicable, before providing personal identifiable information at any of these sites, we ask that you read their Privacy and Security Statements.

Anti-Phishing Information 

Phishing is the attempt to get your private information by posing as a website, email, or representative of a trusted institution. Be aware that SMCU will never ask you for sensitive information, such as your Social Security number, PINs or passwords, by phone, email, or text messaging. If you receive an email, text message, or phone call requesting this type of information, please contact SMCU immediately.  

Information Collected Through the Use of Our Sites

Although perfect security is not possible, we have policies and procedures in place to protect the safety of your personal and financial information. We have not and will not sell your account information. We may share some information with third parties, as permitted by law, to enhance the products and services we offer and to comply with local, state, and federal regulations. 

Security

You communicate with our computer systems, web site, by using your computer's web browser. Your web browser will need to be updated periodically for continued safe and secure use of our web site. Our Websites are secured via digital certificates and industry standard encryption and time-sensitive session cookies in order to obtain personal information for member transactions. We only support browsers that use Secure Sockets Layer ("SSL") 3.0 (or higher). SSL is intended to help ensure that: You are in fact dealing with SMCU, instead of a site impersonating us. Your information reaches us through SSL to help protect the contents of the message from eavesdropping, and interception, however, no security is perfect and it is your responsibility to use up-to-date software, security features such as anti-virus, anti-malware, and connect via trusted networks.

Mobile Security

If you access our websites or mobile app via a mobile device, we recommend that you that these steps to secure that device in the event it is lost or stolen. 1) Use a password or passcode to lock your device to prevent unauthorized access. 2) When you are finished with a mobile session, log completely our of either mobile Online Banking or the SMCU Mobile App to guard against unauthorized access to your SMCU accounts. 3) Do not store your Online Banking password on your mobile device and do not allow the SMCU Mobile App or website to remember your password. 4) Download updated to the SMCU Mobile App as they are available to ensure that you have necessary security fixes.   

Honoring Your Preferences

SMCU may send (or arrange for others to send) emails. If you do not want to receive those communications in the future, follow the steps within the message to unsubscribe or contact us. If you enrolled in Online Banking, you agreed to our Electronic Communications Disclosure and therefore we may periodically send other disclosures and important information to you electronically. Such enrollment process did not include an opportunity to opt-out of receiving electronic communications from us; however, you may opt-out of receiving subsequent electronic communications at the time of receipt by selecting "unsubscribe". You may opt out of all electronic communications by contacting us

Changes

We reserve the right to change this Statement, and you agree it is your responsibility to check this Statement periodically for any changes. Copyright © 2014 SMCU. All Rights Reserved.

Security Awareness

SYSTEM ACCESS INFORMATION

  • SMCU will never call, email or otherwise contact you to request your access ID, password, or other log-in credentials for the online services we offer. If you receive such a request, do not provide any information. Contact SMCU to report the incident.

PASSWORD SECURITY TIPS 

  • Based on you membership and account agreement, do not share your username or password with anyone. Keep them in a secured location. Only you should have access.
  • Create a unique username and password for each website and do not use the same identifying information on multiple sites.
  • Create strong username and password and include upper case letter(s), lower case letter(s), number(s), and special character(s) like, !@#$%^&*
  • Change your password on a regular basis.

REPORTING SUSPICIOUS ACTIVITY 

  • If you see suspicious activity on your account(s) or have received a suspicious call, email, letter or other similar activity relating to your accounts, report this to SMCU immediately.
  • Consumer Protection and Regulation E. The regulation provide rules for error resolution and unauthorized transactions for electronic fund transfers, which includes most transactions processed online. In addition, it establishes limits to your financial liability for unauthorized electronic fund transfers. These limits, however, are directly related to the timeliness of your detection and reporting of issues to SMCU. It is for this reason that we encourage you to immediately review periodic account statements and to regularly monitor your account activity online. The disclosure provided to you at the time of account opening provides detailed information. We will provide to you, upon request, a free printed copy of this disclosure.

ONLINE ACCESS RISK 

  • Security tips and links to websites provide important information and news to help you understand online transaction risk and options to help you control these risks. It is important to be informed. When it comes to internet fraud, account takeover and identity theft, these steps will help prevent exposure to additional risks.

WEBSITE SECURITY TIPS 

  • Monitor your account activity. View account activity online on a regular basis and review periodic account statements and reconcile them to your personal records. Report any suspicious activity to SMCU immediately.
  • When logging off from a website, do not just close the page or "X" out. You need to “Log Out” or “Log Off”
  • Secure websites have a web address that includes an "s" (https rather than http). If this is lacking, the site is not a secure session (or genuine). Do not log in or conduct business on the site.
  • If a website displays a security monitor, verify it has the current date. If it does not, do not use the site; it may be a spoofed or hijacked. • When completing financial transactions, verify encryption and other security methods are in place, protecting your account and personal information.

COMPUTER & NETWORK SECURITY TIPS 

  • Use quality security monitoring software on your PC that includes anti-virus, anti-malware and firewall functions.
  • Use your PC's security features such as individual Log-In accounts.
  • Keep PC operating system security up-to-date by applying patches and updates.
  • Password-protect your computer network (physical or wireless). • Web Resources – Learn more and do more to protect yourself online!

HELPFUL WEBLINKS 

RECENT SCAMS AND HOW TO REPORT SCAMS 

  • Go to the IC3 website, a partnership of the FBI, the National White Collar Crime Center, and the Bureau of Justice: http://www.ic3.gov

SCAMS AND FRAUD AND TIPS TO AVOID BEING A VICTIM 

INFORMATION FOR BUSINESS USERS OF ONLINE SERVICES

Financial Regulators have noticed that business transactions, because of their frequency and dollar value, are inherently more risky than consumer transactions. The fraud risk is increasing, e.g., rise of online account takeovers and unauthorized online fund transfers related to business accounts. For example, small to medium sized businesses have been primary targets as cyber criminals have recognized that the security controls they have in place are not as robust as that of larger businesses.

Here are some of the financial regulators’ suggestions to enhanced controls for businesses:

  • Business members should be encouraged to perform a periodic risk assessment and an evaluation of the effectiveness of the controls they have in place to minimize the risks of online transaction processing.
  • The password, website, computer and network tips above provide a starting point for this process and the web resource links provide additional detailed information.
  • The FTC Business Center has a great deal of information for businesses at http://business.ftc.gov/privacy-and-security/data-security
  • Business members should understand the security features of the software and websites they utilize and take advantage of these features. Segregation of duties—the process of separating duties so no one person can perform all steps of a transaction—is an example of a very important security feature.
  • Layered security options that may be available to business members doing online transactions include transaction thresholds, out-of-band verification (such as telephone or email verifications), fraud detection and monitoring systems, and IP reputation–based services.

Important Fraud Prevention Tips

ALWAYS REMEMBER:

  • If it sounds too good to be true, it probably is.
  • Never provide your online banking credentials to anyone.
  • Trust your gut feelings – especially when you have a bad feeling about an offer or a company.
  • If you are ever asked to deposit a check or money order, then wire funds – this is a scam!

ATM SECURITY TIPS:

ATMs can be subject to fraud, vandalism, and burglary. They can also be the scene of robberies. Consider the following tips when using an ATM:

  • Use a familiar ATM when possible. If you are not near one, choose a well-lit, well-placed ATM where you feel comfortable. If possible, use a drive up ATM especially if you're alone at night. Keep your car doors locked and your windows up, except for the driver's window when using the machine.
  • Scan the entire ATM area before using the machine. Avoid using the ATM if anyone is loitering or if it looks too isolated or unsafe. Trust your instincts.
  • When using a walk-up ATM, avoid opening your purse, bag or wallet. Have your card ready in your hand before you approach the machine.
  • Observe if anything looks unusual or suspicious about the ATM indicating it might have been altered. If the ATM appears to have its card slot or keypad altered, do not use it. Check for unusual instructions on the display screen or for suspicious blank screens. If you suspect that the ATM has been tampered with, proceed to another ATM and inform SMCU or the ATM owner.
  • Avoid an ATM which has a message or a sign attached to it indicating that the screen directions have been changed, especially if the message is posted over the card reader. SMCU and other financial institutions will never post messages directing you to use an ATM that has been altered

ATM SKIMMING SECURITY TIPS: Skimming is a method of obtaining personal data from ATM, debit, or credit cards while they are used at an ATM machine or a merchant location. People can alter equipment on legitimate ATMs in an effort to steal both the magnetic stripe data from the cards being used and the PINs that are assigned to those cards.

More recent technology allows the culprit to remain nearby receiving the information wirelessly from equipment they installed on the ATM. The thieves can then copy the cards and use the PIN numbers to withdraw money from many accounts in a very short time directly from an ATM.

Please note: The following examples refer to ATMs, but similar devices may also be placed on card readers at gas station pumps.

Equipment is installed on the front of the original ATM card slot. The false slot holds an additional card reader called a "skimmer." The skimmer captures and copies the card information.

Then a camera that reads the card PIN is housed in an innocent looking pamphlet holder. The camera inside pamphlet holder is angled to view monitor and keypad.

What can you do to protect yourself?

Be vigilant and inspect the ATM before using it. Skimming devices that are placed on or near the ATM's actual card reader are often difficult to detect, but if anything about the card reader or PIN pad looks different, unusual or seems loose to the touch, don't use it. If possible, report this to SMCU or the owner of the ATM as soon as possible.

What if a skimming device is found on a SMCU ATM?

If you suspect a skimming device has been place on a SMCU ATM, do not use it or try to remove the device. Speak to branch personnel as quickly as possible or call our Contact Center at (206) 398-5500.

PHISHING SECURITY TIPS:

Phishing is a technique that uses fake emails or fraudulent websites to gain personal information for purposes of identity theft. The fraudulent email messages and/or websites are designed to trick recipients into divulging personal financial data such as credit card numbers, online banking login credentials, social security numbers, etc.

Sometimes, phishers will create a fake website that looks legitimate and attach a link to the fake website in an email. Unsuspecting recipients that click on this link will find that the website that opens up that resembles the correct website. However, the computer user does not know that they have been redirected to a fake website which can be designed to collect personal information (such as account numbers and social security numbers.)

  • Be suspicious of any email that requires an urgent response from you and that seems alarming or exciting. Phishers will send emails that require your immediate attention or to "verify their records." They usually ask for information such as usernames, passwords, account numbers, social security numbers, etc. Emails from phishers are generally not personalized and may appear to be sent in mass distribution.
  • Do not click on links sent in an email that is asking for information. Emails suggesting to "click here" in order to enter personal information may end up redirecting you to a fake site that could be collecting your data for malicious use. If you are unsure of the legitimacy of an SMCU email, contact us at 206-398-5500.
  • Avoid filling out forms asking for confidential or financial information unless you are dealing with a reputable site that you can verify as authentic. If you enter any information, make sure that it is done over a secure link (SSL). This can be verified by checking the "lock" icon in your browser window or displaying HTTPS:// in the address bar. (HTTPS:// - the "S" represents secure)

FRAUD SCAMS

Don’t fall for these scams:

  • Lottery/Sweepstakes Scam
  • Craigslist/Overpayment Offer Scam
  • Mystery Shopper Scam • Car Wrap Scam
  • Romance Scam
  • Unexpected Inheritance Scam
  • Credit Card Telephone Scam